From

Thank you

Sorry

Big Brother is watching. And he wants to sell you toothpaste and get you to vote for the candidate of his choice.

The Wall Street Journal's Emily Steel has an excellent piece today detailing just how much Internet data mining firms know about you. The answer? A lot more than you realize. Like: your political affiliations, religious activities, income level, various likes and interests, and your activity on online dating sites, to name but a few.

Today's WSJ story is all about Rapleaf, one of the companies that benefitted from Facebook's latest "inadvertent" data leak, where it received personally identifiable information for people who clicked on advertisements inside Facebook apps.

Rapleaf builds profiles of Web surfers by dropping tracking cookies on its clients' websites, then matching the email addresses of registered users to data it has scraped from social networking sites. Rapleaf then sells this information to companies that want to target ads. This election year, Rapleaf's clients also include at least 10 political campaigns.

Like every Internet company whose business revolves around siphoning data out of people without their realizing it, Rapleaf is very pious when it comes to talking about user privacy. CEO Auren Hoffman wrote a blog post last month that hit all the right notes:

One of the most important principles of individual privacy is the ability to act anonymously. When people are driving to a store or reading a book at home, they have a reasonable assumption that nobody is monitoring their behavior and attaching it to their name and address.

The same should be true on the internet: when you are online, there should be a presumption of anonymity. Nobody -- including websites, ad networks, ad exchanges, widgets, outside analytics services, etc. -- should know who you are and what you do unless you sign up or log in.

In a better world with sufficient anonymity online, your search history and the sites you visit should not be matched back to personally-identifiable information (like your name, address, email, etc.) so it cannot be stolen, used to discriminate against you, or subpoenaed by the government.

Hoffman recommends making it "technically impossible" to store personally identifiable information about you, unless you're logged into the site you're visiting. Unfortunately, it appears the geeks at Rapleaf did not get the memo.